"For maybe a decade, North Korean intelligence services have been training young IT workers and sending them abroad in teams, often to China or Russia. From these bases, they scour the web for job listings all over, usually in software engineering, and usually with Western companies. They favor roles that are fully remote, with solid wages, good access to data and systems, and few responsibilities. Over time they began applying for these jobs using stolen or fake identities and relying on members of their criminal teams to provide fictional references; some have even started using AI to pass coding tests, video interviews, and background checks.

But if an applicant lands a job offer, the syndicate needs somebody on the ground in the country the applicant claims to live in. A fake employee, after all, can’t use the addresses or bank accounts linked to their stolen IDs, and they can’t dial in to a company’s networks from overseas without instantly triggering suspicion. That’s where someone like Christina Chapman comes in.

As the “facilitator” for hundreds of North Korea–linked jobs, Chapman signed fraudulent documents and handled some of the fake workers’ salaries. She would often receive their paychecks in one of her bank accounts, take a cut, and wire the rest overseas: Federal prosecutors say Chapman was promised as much as 30 percent of the money that passed through her hands.

Her most important job, though, was tending the “laptop farm.” After being hired, a fake worker will typically ask for their company computer to be sent to a different address than the one on record—usually with some tale about a last-minute move or needing to stay with a sick relative. The new address, of course, belongs to the facilitator, in this case Chapman."

https://www.wired.com/story/north-korea-stole-your-tech-job-ai-interviews/

#CyberSecurity #NorthKorea #IT #RemoteJobs #StateHacking #AI